Vulnerability in Emerson Wireless 1410 Gateway
CVE-2020-12030
There is a flaw in the code used to configure the internal gateway firewall when the gateway's VLAN feature is enabled. If a user enables the VLAN setting, the internal gateway firewall becomes disabled resulting in exposure of all ports u…
EPSS: 0.011 (60.1th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 10.0 (Critical). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H.
Affected products
- Emerson Wireless 1410 Gateway — versions 4.6.43
- Emerson Wireless_1410_gateway
- Emerson Wireless_1410_gateway_firmware
- Emerson Wireless 1420 Gateway — versions 4.6.43
- Emerson Wireless_1420_gateway
- Emerson Wireless_1420_gateway_firmware
- Emerson Wireless 1552wu Gateway — versions 4.6.43
- Emerson Wireless_1552wu_gateway
- Emerson Wireless_1552wu_gateway_firmware
Weakness classification (CWE)
References
- ics-cert@hq.dhs.gov (US Government Resource, Third Party Advisory, x_refsource_MISC)
Frequently asked questions
- What is CVE-2020-12030?
- CVE-2020-12030 is a critical-severity vulnerability in Emerson Wireless 1410 Gateway, classified under Improper Access Control. CVSS score: 10.0/10. Published 2021-09-29.
- How severe is CVE-2020-12030?
- Critical severity. CVSS v3 base score is 10.0 out of 10.